CVE-2022-4892

Name of the Vulnerable Software and Affected Versions MyCMS (affected versions not specified)

Description A problematic issue was found in MyCMS, affecting the build view function of the file lib/gener/view.php in the Visitors Module. The manipulation of the original/converted argument leads to cross-site scripting. It is possible to initiate the attack remotely.

Recommendations To fix this issue, it is recommended to apply a patch named d64fcba4882a50e21cdbec3eb4a080cb694d26ee. As a temporary workaround, consider disabling the build view function until a patch is available. Restrict access to the vulnerable component Visitors Module to minimize the risk of exploitation. Avoid using the original/converted argument in the affected API endpoint until the issue is resolved.